Twitter API Integration (Web Reversed)

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

This skill is a powerful Twitter/X automation toolkit that uses browser session cookies and includes hardcoded credentials plus public account-mutation tools, so it needs careful review before use.

Do not install or run this skill on a real account until hardcoded credentials are removed and rotated, credential requirements are declared, and write actions require explicit confirmation. If you use it at all, use a separate test account, avoid private DMs or sensitive accounts, and prefer official scoped API access over session-cookie automation.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running or reusing the demo could operate an account using baked-in session credentials, and the committed credentials themselves represent an account compromise risk.

Why it was flagged

The demo embeds session-like Twitter/X credentials and a username directly in source code; the same file uses those values to create tools that post, like, reply, and fetch mentions.

Skill content
AUTH_TOKEN = "f06ec149475390a01262510a1cc1b59c9760a318"
CT0 = "37318663228df008399ba56501e3512d4b1b1d30eb852fc958561da0888027014e91199162dbc93f745a296fe0189018d1025f12b5dd065bb1d14798103016f3a0662487bebcf132aaff91db01812e0d"
USERNAME = "Jordyn_Luv"
Recommendation

Remove all hardcoded tokens, rotate the affected account credentials, require user-provided credentials via a declared secret mechanism, and ensure demos use mocks or placeholders only.

What this means

A user may not realize the skill needs full browser-session cookies rather than scoped API credentials, exposing the account to broad automated access.

Why it was flagged

Twitter/X auth_token and ct0 cookies are session credentials with broad account authority, but the registry declares no primary credential and no required env vars.

Skill content
Copy `.env.example` to `.env` and fill cookies per account (auth_token + ct0 from logged-in sessions).
Recommendation

Declare the credential requirements explicitly, prefer official scoped API/OAuth flows where possible, and document exactly which account actions the cookies authorize.

What this means

An agent could publish content, follow accounts, or access private social data in ways that affect reputation, privacy, or account standing.

Why it was flagged

The skill exposes public posting/following and private messaging/account interactions, but the instructions do not define approval gates, safe defaults, or limits for autonomous agent use.

Skill content
- Posting and follow automation via env-driven account labels (`scripts/post_custom_tweet.py`, `scripts/follow_account.py`).
- Full async client (`twitter_api/`) with modules for tweets, users, relationships, DMs, etc.
Recommendation

Make read-only behavior the default, require explicit user confirmation for every write/DM/follow action, and provide account allowlists and rate limits.

What this means

This may violate platform rules, trigger account restrictions, or make it harder for users to understand the operational and account-safety risks.

Why it was flagged

The code intentionally imitates browser requests for private web endpoints rather than using a safer scoped official API workflow.

Skill content
# Default headers for Twitter API requests (match browser to reduce automation detection)
Recommendation

Prefer official Twitter/X API integrations; if private web automation is used, disclose the ToS/account-risk tradeoff prominently and require explicit opt-in.

What this means

The user could unknowingly rely on an embedded proxy account, creating account-lockout, provenance, and credential-exposure concerns.

Why it was flagged

The default configuration embeds a third-party proxy credential that is not disclosed in SKILL.md; if consumed, authenticated Twitter automation may be routed through infrastructure the user did not choose.

Skill content
"proxy": "beeaVXlWtDSdzRin:beeVvI6kd02MB@hive.beeproxies.com:1337"
Recommendation

Remove the hardcoded proxy default, require an explicit user-supplied proxy setting if needed, and document when proxying is used.

What this means

Future installs may resolve to dependency versions that were not reviewed with this skill.

Why it was flagged

Dependencies are specified as minimum-version ranges rather than pinned versions, which is a provenance/reproducibility concern for a credential-bearing integration.

Skill content
aiohttp>=3.7.4
tenacity>=8.0.1
python-dateutil>=2.8.2
aiofiles>=0.8.0
twitter-text-python>=1.1.1
Recommendation

Use a lockfile or pinned versions and review dependency provenance before installing.